public void CreateIdentityUsers()
{
try
{
foreach (var user in _settings.Users)
{
if (WebSecurity.UserExists(user.UserName))
{
continue;
}
_log.Debug($"Adding user: {user} to asp net security.");
WebSecurity.CreateUserAndAccount(user.UserName, user.Password, new { FullName = user.Name });
foreach (var role in user.Roles)
{
_log.Debug($"Adding user: {user} to role: {role} in asp net security.");
Roles.AddUserToRole(user.Email, role);
}
_log.Debug($"Applying password to user: {user} in asp net security.");
WebSecurityService.UpdatePasswordAndActivate(user.UserName, user.Password);
}
}
catch (Exception ex)
{
_log.Error(ex);
}
}
public ChangePasswordResult ChangePassword(ChangePasswordModel model)
{
var validationResult = ValidateChangeModel(model);
if (validationResult != null)
{
return(validationResult);
}
try
{
var currentPasswordOkay = WebSecurity.Login(model.UserName, model.CurrentPassword, false);
if (!currentPasswordOkay)
{
var badPasswordResult = new ChangePasswordResult
{
Success = false, Message = "The Current Password supplied is incorrect"
};
badPasswordResult.AddFailingField(x => x.CurrentPassword);
return(badPasswordResult);
}
WebSecurityService.UpdatePasswordAndActivate(model.UserName, model.NewPassword);
return(ChangePasswordResult.Successful);
}
catch (Exception e)
{
_log.Error("ChangePassword", e);
return(DatabaseUnreachableResult <ChangePasswordResult>());
}
}
public ActionResult Login(LoginModel model)
{
if (ModelState.IsValid && WebSecurityService.Login(model.UserName, model.Password, persistCookie: model.RememberMe))
{
return(RedirectToAction("Index", "Album"));
}
// If we got this far, something failed, redisplay form
ModelState.AddModelError("", "The user name or password provided is incorrect.");
return(View(model));
}
public ActionResult PasswordReset(PasswordResetModel model)
{
if (ModelState.IsValid)
{
if (WebSecurityService.ResetPassword(model.ResetToken, model.NewPassword))
{
return(RedirectToAction("PasswordResetSuccess"));
}
ModelState.AddModelError("", "The password reset token is invalid.");
}
return(View(model));
}
protected override void Initialize(RequestContext requestContext)
{
if (WebSecurityService == null)
{
WebSecurityService = new WebSecurityService();
}
if (MessengerService == null)
{
MessengerService = new MessengerService();
}
base.Initialize(requestContext);
}
public ActionResult ChangePassword(ChangePasswordModel model)
{
if (ModelState.IsValid)
{
if (WebSecurityService.ChangePassword(User.Identity.Name, model.OldPassword, model.NewPassword))
{
return(RedirectToAction("ChangePasswordSuccess"));
}
ModelState.AddModelError("", "The current password is incorrect or the new password is invalid.");
}
// If we got this far, something failed, redisplay form
ViewBag.PasswordLength = WebSecurityService.MinPasswordLength;
return(View(model));
}
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
// Attempt to register the user
var requireEmailConfirmation =
Convert.ToBoolean(ConfigurationManager.AppSettings["requireEmailConfirmation"] ?? "false");
var token = WebSecurityService.CreateUserAndAccount(model.UserName, model.Password,
requireConfirmationToken: requireEmailConfirmation);
if (requireEmailConfirmation)
{
// Send email to user with confirmation token
if (Request.Url != null)
{
string hostUrl = Request.Url.GetComponents(UriComponents.SchemeAndServer, UriFormat.Unescaped);
string confirmationUrl = hostUrl +
VirtualPathUtility.ToAbsolute("~/Account/Confirm?confirmationCode=" +
HttpUtility.UrlEncode(token));
const string fromAddress = "Your Email Address";
var toAddress = model.Email;
const string subject =
"Thanks for registering but first you need to confirm your registration...";
var body =
string.Format(
"Your confirmation code is: {0}. Visit <a href=\"{1}\">{1}</a> to activate your account.",
token, confirmationUrl);
// NOTE: This is just for sample purposes
// It's generally a best practice to not send emails (or do anything on that could take a long time and potentially fail)
// on the same thread as the main site
// You should probably hand this off to a background MessageSender service by queueing the email, etc.
MessengerService.Send(fromAddress, toAddress, subject, body, true);
}
// Thank the user for registering and let them know an email is on its way
return(RedirectToAction("Thanks", "Account"));
}
// Navigate back to the homepage and exit
WebSecurityService.Login(model.UserName, model.Password);
return(RedirectToAction("Index", "Home"));
}
// If we got this far, something failed, redisplay form
ViewBag.PasswordLength = WebSecurityService.MinPasswordLength;
return(View(model));
}
public ActionResult Create(AlbumDetailViewModel viewAlbum)
{
if (ModelState.IsValid)
{
if (!WebSecurityService.IsPayedUser() &&
BllAlbumServices.GetAlbumsNumberForCurrentUser() > 5)
{
ModelState.AddModelError("NumberOfAlbumsValidationError", "Free users can have only 5 albums (please upgrade to payed user)");
return(View(viewAlbum));
}
AlbumDTO albumDto = Mapper.Map <AlbumDTO>(viewAlbum);
albumDto.Created = DateTime.Now;
_albumServices.CreateAlbum(albumDto);
return(RedirectToAction("Index"));
}
return(View(viewAlbum));
}
public ActionResult Register(RegisterModel model)
{
if (ModelState.IsValid)
{
try
{
WebSecurityService.CreateUserAndAccount(model.UserName, model.Password);
WebSecurityService.Login(model.UserName, model.Password);
return(RedirectToAction("Index", "Album"));
}
catch (MembershipCreateUserException e)
{
ModelState.AddModelError("", ErrorCodeToString(e.StatusCode));
}
}
return(View(model));
}
public ActionResult LogOn(LogOnModel model, string returnUrl)
{
if (ModelState.IsValid)
{
if (WebSecurityService.Login(model.UserName, model.Password, model.RememberMe))
{
if (Url.IsLocalUrl(returnUrl))
{
return(Redirect(returnUrl));
}
return(RedirectToAction("Index", "Home"));
}
ModelState.AddModelError("", "The user name or password provided is incorrect.");
}
// If we got this far, something failed, redisplay form
return(View(model));
}
public ActionResult Confirm()
{
string confirmationToken = Request.QueryString["confirmationCode"];
WebSecurityService.Logout();
if (!string.IsNullOrEmpty(confirmationToken))
{
if (WebSecurityService.ConfirmAccount(confirmationToken))
{
ViewBag.Message =
"Registration Confirmed! Click on the login link at the top right of the page to continue.";
}
else
{
ViewBag.Message = "Could not confirm your registration info";
}
}
return(View());
}
public PasswordResetResult ResetPassword(PasswordResetModel model)
{
try
{
var validationResult = ValidateResetModel(model);
if (validationResult != null)
{
return(validationResult);
}
WebSecurityService.UpdatePasswordAndActivate(model.UserName, model.Password);
return(PasswordResetResult.Successful);
}
catch (Exception e)
{
_log.Error("ResetPassword", e);
return(DatabaseUnreachableResult <PasswordResetResult>());
}
}
public ActionResult ForgotPassword(ForgotPasswordModel model)
{
var isValid = false;
var resetToken = string.Empty;
if (ModelState.IsValid)
{
if (WebSecurityService.GetUserId(model.UserName) > -1 && WebSecurityService.IsConfirmed(model.UserName))
{
resetToken = WebSecurityService.GeneratePasswordResetToken(model.UserName);
isValid = true;
}
if (isValid)
{
if (Request.Url != null)
{
string hostUrl = Request.Url.GetComponents(UriComponents.SchemeAndServer, UriFormat.Unescaped);
string resetUrl = hostUrl +
VirtualPathUtility.ToAbsolute("~/Account/PasswordReset?resetToken=" +
HttpUtility.UrlEncode(resetToken));
var fromAddress = "Your Email Address";
var toAddress = model.Email;
var subject = "Password reset request";
var body =
string.Format(
"Use this password reset token to reset your password. <br/>The token is: {0}<br/>Visit <a href='{1}'>{1}</a> to reset your password.<br/>",
resetToken, resetUrl);
MessengerService.Send(fromAddress, toAddress, subject, body, true);
}
}
return(RedirectToAction("ForgotPasswordMessage"));
}
return(View(model));
}
protected override void Configure()
{
CreateMap <PhotoDTO, PhotoListViewModel>().ForMember(dest => dest.CommentsNumber,
opt => opt.MapFrom(src => BllCommentServices.GetCommentsNumberByPhoto(src.Id)));
CreateMap <PhotoDTO, PhotoDetailViewModel>();
CreateMap <PhotoDetailViewModel, PhotoDTO>();
CreateMap <AlbumDTO, AlbumListViewModel>();
CreateMap <AlbumDTO, AlbumDetailViewModel>().ForMember(dest => dest.Author,
opt => opt.MapFrom(src => WebSecurityService.GetUserNameById(src.UserId)));
CreateMap <AlbumDetailViewModel, AlbumDTO>();
CreateMap <PhotoCommentDTO, PhotoCommentViewModel>().ForMember(dest => dest.Author,
opt => opt.MapFrom(src => WebSecurityService.GetUserNameById(src.UserId)));
CreateMap <PhotoCommentViewModel, PhotoCommentDTO>();
}
public ActionResult LogOff()
{
WebSecurityService.Logout();
return(RedirectToAction("Login", "Account"));
}
// **************************************
// URL: /Account/LogOff
// **************************************
public ActionResult LogOff()
{
WebSecurityService.Logout();
return(RedirectToAction("Index", "Home"));
}
